Arvin Farrel Pramuditya

Backend Developer | Blockchain & Smart Contract | Cryptography | Cybersecurity Enthusiast

Security research, cryptographic identity, and responsible disclosure.

1. Public Records

Keyoxide Verification keyoxide.org/CC7C7F6EE3440CD3…
Keyoxide Identity .well-known/keyoxide.txt
Security Disclosure .well-known/security.txt
PGP Public Key pgp.asc

2. PGP Fingerprint

Click to select all · Verify against keyoxide.org before use.

PGP Verification Tools

Download Public Key Open Keyoxide Profile

gpg --recv-keys 0xA45372A9
gpg --fingerprint 0xA45372A9

3. Cryptographic Identity

Key ID	0xA45372A9
Fingerprint	CC7C 7F6E E344 0CD3 002B 2C00 8C0A E50D A453 72A9
Verification	keyoxide.org
Public Key	arvinlabs.me/pgp.asc

4. Security Contact

Responsible disclosure is welcome. Please encrypt sensitive vulnerability reports using my PGP public key.

For the full disclosure policy and contact address, refer to security.txt (RFC 9116).

5. Research Interests

Web Application Security
API Security
Access Control Issues (IDOR)
Authentication & Authorization Flaws
Security Misconfigurations

6. Research Activity

Participating in bug bounty programs on HackerOne and conducting security research on web applications and APIs.

7. Open Source

GitHub: github.com/ArvinFarrelP

Contributing to open-source projects through pull requests and security-related improvements.

8. Projects

CipherVision github.com/ArvinFarrelP/CipherVision

Cryptographic visualization and analysis tool focused on cryptography visualization and experimentation. Designed to make cryptographic concepts more accessible through interactive visual representations.

9. Open Source Contributions

PySpector github.com/ParzivalHack/PySpector
SurfSense github.com/MODSetter/SurfSense

Contributions include pull requests, bug fixes, and security-related improvements to open-source projects.

10. Vulnerability Reports

Keyoxide Profile Loading Issue (OpenPGP UID Update)

Report: codeberg.org/keyoxide/keyoxide-web/issues/256

Status: Reported (Responsible Disclosure, Awaiting Response)

Method: Key update, keyserver verification, and profile revalidation

Identified and reported a potential issue in Keyoxide where the profile failed to load after updating the primary UID of an OpenPGP key, affecting profile visibility and identity verification.

The issue occurred after modifying the primary UID and re-publishing the key to the keyserver, resulting in the profile displaying "No public profile/keys could be found."

Conducted testing and verification by updating key signatures, re-publishing to keys.openpgp.org, and validating key availability via fingerprint.